CVE-2012-3544

Public on 2013-06-01

Modified on 2014-09-18

Description

Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.

Severity

Medium

See what this means

CVSS v3 Base Score

4.3

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory
Amazon Linux 1	tomcat6	2014-05-21 10:45	ALAS-2014-344

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv2	4.3	AV:N/AC:M/Au:N/C:N/I:N/A:P
NVD	CVSSv2	5.0	AV:N/AC:L/Au:N/C:N/I:N/A:P

References

Red Hat: CVE-2012-3544 Mitre: CVE-2012-3544 FAQs regarding Amazon Linux ALAS/CVE Severity